Digital technologies and the Internet are the backbone of our society and economy; they are key enablers of prosperity and freedom. Network and information systems can be affected by incidents (human mistakes, natural events, technical failures or malicious attacks) that are becoming bigger, more frequent and more complex. A high level of network and information security across the EU is essential to ensure consumer confidence and to keep the online economy running. This will, in turn, preserve the well-functioning of the internal market and will boost growth and jobs.
Trust and security are also a key pillar of the Digital Single Market Strategy.
For new connected technologies to take off, Europeans need trust and confidence. This is why one of the 16 initiatives of the Digital Single Market Strategy is the launch of an ambitious contractual public private partnership (cPPP) on cybersecurity.
The contractual PPP aims to strenghten the EU cybersecurity industry and make sure European citizens and businesses have access to more innovative, secure and user-friendly solutions that take into account European rules and values.
Also, to ensure a better Internet for kids, the Commission has adopted a number of initiatives including a European Strategy for a Better Internet for Children.
In 2013 the Commission put forward a proposal for a Directive concerning measures to ensure a high common level of network and information security across the Union. Two years later, the Parliament and Council agreed on the text of the Network and Information Security Directive (NIS).
The NIS Directive provides legal measures to boost the overall level of cybersecurity in the EU by:
Once adopted and implemented, the NIS Directive will benefit citizens, as well as government and businesses, who will be able to rely on more secure digital networks and infrastructure to provide their essential services at home and across borders.
The public-private network and information security NIS Platform was set up under the EU Cybersecurity Strategy in June 2013, with the aim of identifying good practices that organisations, across the value chain, can follow in order to tackle cybersecurity risks. A special focus of the Platform is to help SMEs tackle such risks.
These activities on network and information security are supported by the European Network and Information Security Agency, as well as by the Computer Emergency Response Team for the EU institutions (CERT-EU).
The EU is active in an EU-US Working Group on Cybersecurity and Cybercrime, as well as in other multilateral fora, such as the Organisation for Economic Co-operation and Development (OECD), the United Nations General Assembly (UNGA), the International Telecommunication Union (ITU), the Organisation for Security and Co-operation in Europe (OSCE), the World Summit on the Information Society (WSIS) and the Internet Governance Forum (IGF). Strengthened network and information security will also help better deter cybercrime. The European Cybercrime Centre is established within Europol and should act as the focal point for the fight against cybercrime in the EU.